Allow log on locally (Windows)

Module: Account Integrity

Supported Platforms: Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows XP

This check reports accounts with rights to log on to the system locally at the computer keyboard. You can use the name list to include or exclude users or security groups that are not already included or excluded by the Users to check option.

The following table lists the error message for the check.

Table: Error message for Allow log on locally

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information


Category: Policy Compliance

  • Windows 2000 (105943)

  • Windows 2003 (205943)

  • Windows 2008 (248943)

  • Windows Vista (228938)

  • Windows XP (200938)

Title: Allow log on locally

Description:The user or security group has the right to log on locally. If the right is authorized, edit the check's name list. If this right is not authorized, use the Correct feature to revoke it.

Severity: yellow-1

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]